Displaying 20 results from an estimated 10000 matches similar to: "[Bug 3207] New: Match blocks ignored in files processed by Include"
2014 Sep 24
11
[Bug 2282] New: When group member count exceeds 126, config reliant fails
https://bugzilla.mindrot.org/show_bug.cgi?id=2282
Bug ID: 2282
Summary: When group member count exceeds 126, config reliant
fails
Product: Portable OpenSSH
Version: 5.3p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sftp-server
2009 Jan 09
1
setting umask for internal-sftp users
I'm running OpenSSH 5.1p1 on openSUSE 10.3 (i586) and I want to setup chroot jails for certain
SFTP-only users. I use the following lines in my sshd_config file:
Match Group sftponly
ChrootDirectory /home/chroot-%u
ForceCommand internal-sftp
It works great.
The problem is that some of my users need umask 002 for their uploads. I tried a few ways to
achieve this:
* set umask in sshrc,
2010 Feb 10
1
Syslog for chroot-jailed SFTP users?
Maybe one of you can help. We have set up a CentOS server so that
each user who logs in via sftp will be jailed in their home directory.
Here's the relevant sshd_config:
# override default of no subsystems
Subsystem sftp internal-sftp -f LOCAL2 -l INFO
Match Group sftponly
ChrootDirectory /home/%u
ForceCommand internal-sftp
This actually works great, but none of
2009 Jun 12
0
can you stop the trouble with file masks and default permissions?
Hello!
Please take a look at this problem:
1. at sshd_config:
Subsystem sftp internal-sftp
Match group sftponly
? ? ? ? ?ChrootDirectory /public
? ? ? ? ?X11Forwarding no
? ? ? ? ?AllowTcpForwarding no
? ? ? ? ?ForceCommand internal-sftp
2. at client's bash:
sshfs server:/ /home/kr/krpub-mount -o uid=$(id -u kr) -o gid=$(id -g kr) -o
allow_other -o default_permissions -o reconnect -o
2009 Jun 30
5
[Bug 1616] New: root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616
Summary: root owned empty subdirs are deletable by chroot users
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sftp-server
AssignedTo: unassigned-bugs at mindrot.org
2010 Jul 10
1
internal-sftp and logging not working with Fedora and chroot using 5.5?
Hope ya'all can help!
Been reading and reading, and adjusting... to no avail.
We need to have chroot'd SFTP activities logged on a file server and for
whatever reason, I simply cannot get it to log with users that are chroot'd
(this is necessary for auditing and HIPAA - so it is pretty important)
I have tried with Fedora 11/12 and even an older Fedora 8 server, the same
results:
1.
2011 Nov 18
4
[Bug 1951] New: Add home directory facility for chrooted environments
https://bugzilla.mindrot.org/show_bug.cgi?id=1951
Bug #: 1951
Summary: Add home directory facility for chrooted environments
Classification: Unclassified
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
2009 Jun 13
0
openssh sftp chroot /bin/false
hi!
i need ssh users and sftp users on my server. they don't mix so sftp users have a /bin/false
as their shell.
however when i try a ssh connect to such a user. he does not get disconnected but hangs forever.
can it be that sshd searches foer /bin/false in the chroot environment?
but i tried to place it there including ldd requirements. no success.
i just want sftp users to get no shell
2010 Nov 04
0
SFTP subsystem and explicit file permissions
Hello again,
Now that umask is working (thanks very much!) I have found that I would
like to see more control over sftp-server/internal-sftp file
permissions.
Given that previous patches (sftp file control comes to mind) were
produced indicates there are other users that would also like more
control over file permissions.
My solution was to add yet another option to sftp-server/internal-sftp
2013 Jan 18
1
sftp does not allow rename across file system
Hello:
I got the error
EXDEV (Invalid cross-device link)
when renaming one file to another directory that is actually mounting
another file system.
I am using SSH-2.0-OpenSSH_6
with standard SFTP setup as below
Subsystem sftp internal-sftp
Match group sftponly
ChrootDirectory /home/sftp/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand
2010 Jul 14
1
SFTP Chroot
HI:
I tried to deploy a SFTP server with chroot but when i tried to connnect the
client send the next error:
Write failed: Broken pipe
Couldn't read packet: Connection reset by peer
The sshd_conf file is the next:
-------------------------------------------------------------------
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and
2008 Sep 23
3
[Bug 1527] New: ForceCommand internal-sftp needs a way to enable logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1527
Summary: ForceCommand internal-sftp needs a way to enable
logging
Product: Portable OpenSSH
Version: 5.1p1
Platform: Itanium2
OS/Version: HP-UX
Status: NEW
Severity: minor
Priority: P4
Component: sftp-server
AssignedTo:
2009 Mar 13
0
winbind cache seems to change the group membership of a user
Hi,
I'm using the "ChrootDirectory" option for the sshd daemon to jail my ssh
users. Additionally, I'm using the "Match group" option to only jail people
belonging to a specific active directory group. Here are the relevant lines
of the sshd_config file:
LogLevel Debug3
Subsystem sftp internal-sftp
Match group sftpusers
ChrootDirectory /my/chroot/home
ForceCommand
2023 Mar 30
3
sftp and utmp
Hi,
We need to limit concurrent sftp logins to one per user (because of bad
client behaviour). Is there any way to achieve this I have overlooked?
It seems it could be possible with pam_limits, if sftp sessions were
recorded in utmp (a guess from what I found googling around). If I
configure /etc/security/limits.conf with
testuser hard maxlogins 1
and connect with ssh, and try a second
2023 Mar 31
2
sftp and utmp
hvjunk wrote this message on Thu, Mar 30, 2023 at 23:12 +0200:
> I've been battling similar issues, and the only methods I've found (with sftp) was to use
> software like pureftd or crushftp (using crushftp lately as production) that does handle these
> issues "out of the box"
> Other than that, I'd expect you'll need to write your own PAM modules to track the
2010 Dec 09
3
[Bug 1844] New: Explicit file permissions enhancement to sftp-server
https://bugzilla.mindrot.org/show_bug.cgi?id=1844
Summary: Explicit file permissions enhancement to sftp-server
Product: Portable OpenSSH
Version: 5.6p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sftp-server
AssignedTo: unassigned-bugs at mindrot.org
2023 Apr 03
2
sftp and utmp
Le Friday, 31 March 2023, 17:47:14 EDT John-Mark Gurney a ?crit :
> hvjunk wrote this message on Thu, Mar 30, 2023 at 23:12 +0200:
> > I've been battling similar issues, and the only methods I've found (with sftp) was to use
> > software like pureftd or crushftp (using crushftp lately as production) that does handle these
> > issues "out of the box"
> >
2009 Nov 23
1
Connection type variable
Hello,
I would like to know how would I go about in using a connection type variable with the sshd_config. What would be the consequences,security,problem with doing such a thing. What I would like to accomplish is something like:
Match Group Users
ChrootDirectory "sftp/ssh" /home/%u
ForceCommand "sftp/ssh" internal-sftp
AllowTcpForwarding "sftp/ssh" no
Where
2023 Jan 27
3
[Bug 3528] New: ls hangs when using ldap groups
https://bugzilla.mindrot.org/show_bug.cgi?id=3528
Bug ID: 3528
Summary: ls hangs when using ldap groups
Product: Portable OpenSSH
Version: 8.2p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sftp-server
Assignee: unassigned-bugs at mindrot.org
2009 Mar 18
4
[Bug 1574] New: trailing white space on Forced Command within ChrootDirectory causes failure
https://bugzilla.mindrot.org/show_bug.cgi?id=1574
Summary: trailing white space on Forced Command within
ChrootDirectory causes failure
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: